Vulnerability Description
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 9.5 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07397
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07547
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07552
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07553
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07554
- http://www-01.ibm.com/support/docview.wss?uid=swg21698021PatchVendor Advisory
- http://www.securityfocus.com/bid/74217
- http://www.securitytracker.com/id/1032247
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07397
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07547
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07552
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07553
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07554
- http://www-01.ibm.com/support/docview.wss?uid=swg21698021PatchVendor Advisory
- http://www.securityfocus.com/bid/74217
FAQ
What is CVE-2014-0919?
CVE-2014-0919 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to...
How severe is CVE-2014-0919?
CVE-2014-0919 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0919?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.